What is it about IRC that makes it look like a botnet? I happily run an IRCD and an IRC client without issue, so what's the criteria for being botnet-like?

From what I understand, it's not so much the ports and what not, but the type of transmissions and their frequency. Apparently some (all?) botnets use IRC for communications, so the ISPs have gotten to where they look for frequent and seemingly autonomous transmissions across IRC.

* LFnet IRC network is primarily used for bitcoin - a few others and I maintain it and we're all bitcoin users.

* I am a regular bitcoin contributor. I'm also the guy that bought the 10,000 bitcoin pizza in case anyone is wondering. I'm a moderator on this forum, I maintain the Mac OS build and I wrote the original GPU miner (http://heliacal.net/~solar/bitcoin/opencl-v2-svn-95-2010-06-30.patch) - I hope that's enough credentials to prove to anyone that I'm not some BOFH IRC admin

* We will make sure the #bitcoinXX channels are not 'taken over' or anything like that.

* The IRC servers have been configured to limit the number of records returned when a client joins #bitcoin and issues a WHO request. This greatly reduced the bandwidth and memory requirements.

* We use and monitor IRC and will keep an eye on the #bitcoinXX channels. The channel modes will be locked to a reasonable normal setting like #bitcoin is today.

I would like to add an option/preference to disable IRC in the client. It should be on by default, since that's the whole point, to bootstrap new users, but then the user should be able to switch it off. There will still be plenty of people who leave it on to provide booting to others, but not everyone needs to do that; especially if you don't have the inbound port open.

I also think that alternative bootstrap methods are a good idea, but it should be possible to switch it all off once you're connected to the network.

I would like to add an option/preference to disable IRC in the client. It should be on by default, since that's the whole point, to bootstrap new users, but then the user should be able to switch it off. There will still be plenty of people who leave it on to provide booting to others, but not everyone needs to do that; especially if you don't have the inbound port open.

I also think that alternative bootstrap methods are a good idea, but it should be possible to switch it all off once you're connected to the network.

That already pretty much happens, bitcoin prefers nodes it has previously connected to, so as long as it has made a decent number of connections in the past it shouldn't bother with nodes from bootstrap sources. Plus keep in mind bootstrap sources are just lists of IPs, which is really no different from what you get via peer exchange.

* LFnet IRC network is primarily used for bitcoin - a few others and I maintain it and we're all bitcoin users.

* I am a regular bitcoin contributor. I'm also the guy that bought the 10,000 bitcoin pizza in case anyone is wondering. I'm a moderator on this forum, I maintain the Mac OS build and I wrote the original GPU miner (http://heliacal.net/~solar/bitcoin/opencl-v2-svn-95-2010-06-30.patch) - I hope that's enough credentials to prove to anyone that I'm not some BOFH IRC admin

* We will make sure the #bitcoinXX channels are not 'taken over' or anything like that.

* The IRC servers have been configured to limit the number of records returned when a client joins #bitcoin and issues a WHO request. This greatly reduced the bandwidth and memory requirements.

* We use and monitor IRC and will keep an eye on the #bitcoinXX channels. The channel modes will be locked to a reasonable normal setting like #bitcoin is today.

I would like to add an option/preference to disable IRC in the client. It should be on by default, since that's the whole point, to bootstrap new users, but then the user should be able to switch it off. There will still be plenty of people who leave it on to provide booting to others, but not everyone needs to do that; especially if you don't have the inbound port open.

I also think that alternative bootstrap methods are a good idea, but it should be possible to switch it all off once you're connected to the network.

Thanks,Laszlo

Couldn't you in theory hijack almost the entire network?I'm not claiming that you would of course, but i'm wary of that ability being available to any one entity - what if, for example, someone sniffed your connection and got /oper access?

No, it wouldn't make much difference if the IRC network was compromised.

It is just used to get a list of hostnames to try to connect to, but you only need to connect to one real node in order to be able to receive the majority block chain. It is just one of many methods used to find other nodes - the address messages broadcast on the bitcoin network are the primary means, and once you've been connected to the network the client keeps a local cache of the addresses it has seen. The ones it sees on IRC are just added to the list.

I don't think it would be possible to "hijack" anything, though maybe IRC could break things by returning millions of bogus addresses and filling up addr.dat. Does Bitcoin defend against this?

It would be simple - just add a bunch of peers you control and use them to poison the network - you could even be evil by sending your poison peers only to certain users to avoid everyone else noticing. Send one user 30 poison peers and they see 30 connections and think everything is normal.

No, it wouldn't make much difference if the IRC network was compromised.

It is just used to get a list of hostnames to try to connect to, but you only need to connect to one real node in order to be able to receive the majority block chain. It is just one of many methods used to find other nodes - the address messages broadcast on the bitcoin network are the primary means, and once you've been connected to the network the client keeps a local cache of the addresses it has seen. The ones it sees on IRC are just added to the list.

No, it wouldn't make much difference if the IRC network was compromised.

It is just used to get a list of hostnames to try to connect to, but you only need to connect to one real node in order to be able to receive the majority block chain. It is just one of many methods used to find other nodes - the address messages broadcast on the bitcoin network are the primary means, and once you've been connected to the network the client keeps a local cache of the addresses it has seen. The ones it sees on IRC are just added to the list.

You'd still be able to hijack new users

That would be true of any bootstrapping mechanism you can think of. At least with IRC it's somewhat transparent in that people can log in and see what's going on.. I don't really see any way around this though..

Also, users would probably notice that they weren't on the 'real' bitcoin network since they wouldn't be receiving any payments made to them or be able to send payments and also if they ever connect to a single real node by any of the bootstrapping mechanisms then they'd 'break out' of the illusion.

Infact, there's really very little motivation to 'hijack' a new user.. all you can really do is prevent them from communicating with other bitcoin users.. you can't steal their money or intercept their transactions.. all you could do it stop them from connecting to the network.. which they would probably notice and be able to work around. I guess you could force them to work on your block chain, but since mining is now disabled in the main client anyway that is no-longer true either.

No, it wouldn't make much difference if the IRC network was compromised.

It is just used to get a list of hostnames to try to connect to, but you only need to connect to one real node in order to be able to receive the majority block chain. It is just one of many methods used to find other nodes - the address messages broadcast on the bitcoin network are the primary means, and once you've been connected to the network the client keeps a local cache of the addresses it has seen. The ones it sees on IRC are just added to the list.

You'd still be able to hijack new users

That would be true of any bootstrapping mechanism you can think of. At least with IRC it's somewhat transparent in that people can log in and see what's going on.. I don't really see any way around this though..

Also, users would probably notice that they weren't on the 'real' bitcoin network since they wouldn't be receiving any payments made to them or be able to send payments and also if they ever connect to a single real node by any of the bootstrapping mechanisms then they'd 'break out' of the illusion.

Connecting to a real node by what other mechanism?This is why multiple mechanisms are a good thing

DNS is a step forward in speed but also a step back in functionality.Encoded in the IRC nicks is the port the peer is listening on. The DNS peer lookup has no way to do that the moment.This means DNS discovery can only use the standard port which makes blocking peer bootstrapping much easier.Not a big issue right now but it does need to be addressed at some point.